The Jenkins project will publish a security advisory for Jenkins plugins tomorrow, Wednesday, April 3. The highest severity is 'medium'. The most popular included plugin has between 2,500 and 5,000 reported installations. Several issues will be published without a fix as outlined at https://jenkins.io/security/#vulnerabilities-in-plugins
This affects only Jenkins plugins, there will be no corresponding security update for Jenkins itself. -- You received this message because you are subscribed to the Google Groups "Jenkins Advisories" group. To unsubscribe from this group and stop receiving emails from it, send an email to jenkinsci-advisories+unsubscr...@googlegroups.com. For more options, visit https://groups.google.com/d/optout.